This document presents a configuration example in which Virtual Private
Dialup Network (VPDN) Layer 2 Tunneling Protocol (L2TP) is configured for ISDN
and analog dialin calls. There is no Authentication, Authorization, and
Accounting (AAA) server involved in this setup.

L2TP is an Internet Engineering Task Force (IETF) standard that
combines the best features of two existing tunneling protocols:

Cisco Layer 2 Forwarding (L2F)

Microsoft Point-to-Point Tunneling Protocol
(PPTP)

In this setup, we are using L2TP by adding the command
protocol L2TP. L2F is the default.

Cisco recommends that you use the command
vpdn-group, introduced in Cisco
IOS® Software Release 12.0(1)T, to define the VPDN
parameters in both L2TP Access Concentrator (LAC) and L2TP Network Server
(LNS). However, if you want to use the commands vpdn
incoming and vpdn outgoing, please
refer to Configuring
Virtual Private Dialup Networks.

The main characteristics of this setup are as follows:

The LAC:

identifies a VPDN client based on the domain name received in the
authentication (Challenge Handshake Authentication Protocol [CHAP] in this
setup) response.

uses its local VPDN parameters to bring up the tunnel and the
session with the LNS.

The LNS:

uses its local VPDN parameters to accept the VPDN tunnel and
session from the LAC.

A Cisco AS5300 (the LAC) with an E1 card and a Mica card. It can
accept ISDN and analog calls.

The information presented in this document was created from devices in
a specific lab environment. All of the devices used in this document started
with a cleared (default) configuration. If you are working in a live network,
ensure that you understand the potential impact of any command before using
it.

Note: In the configurations above, we have configured the dialer 1 and
group-async1 interfaces with the minimum Point to Point Protocol (PPP)
options.

To allow more functionalities at PPP level (ppp multilink, compression,
and so on), you need to add these functionalities on those interfaces and on
the virtual-template 1 of the LNS.

Important: The rule is that all PPP options you define
in the dialer 1 and group-async1 interfaces have to be configured in the
virtual-template 1 of the LNS.

The virtual-template 1 receives a "copy" of LCP options negotiated
between the LAC and the client. If an option that has been negotiated between
the LAC and the client is not configured in the virtual-template 1, then the
LNS clears the VPDN session. However, to allow the LNS to renegotiate the LCP
with the client, set the commands lcp renegotiation
always or lcp renegotiation
on-mismatch in the VPDN group.

Note: By default, the LAC and the LNS use their hostname in the L2TP
exchange packets. To modify this behaviour, define the command
local name in the vpdn-group. Let's look at an
example of an LNS configuration: